GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,765
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+
103,102 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2025-22700 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2025-23645 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2025-24599 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2025-24598 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2025-22794 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2025-24602 was published Feb 4, 2025
Incorrect Privilege Assignment vulnerability in wpase.com Admin and Site Enhancements (ASE)...
High
Unreviewed
CVE-2025-24648 was published Feb 4, 2025
The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability...
High
Unreviewed
CVE-2024-23690 was published Feb 4, 2025
**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI...
High
Unreviewed
CVE-2024-40890 was published Feb 4, 2025
**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the...
High
Unreviewed
CVE-2024-40891 was published Feb 4, 2025
Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1...
High
Unreviewed
CVE-2025-20890 was published Feb 4, 2025
A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6 ....
High
Unreviewed
CVE-2024-10239 was published Feb 4, 2025
There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD...
High
Unreviewed
CVE-2024-10237 was published Feb 4, 2025
Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan...
High
Unreviewed
CVE-2025-20882 was published Feb 4, 2025
A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG...
High
Unreviewed
CVE-2024-10238 was published Feb 4, 2025
Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to...
High
Unreviewed
CVE-2025-20881 was published Feb 4, 2025
Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025...
High
Unreviewed
CVE-2025-20888 was published Feb 4, 2025
A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for...
High
Unreviewed
CVE-2025-1003 was published Feb 4, 2025
Polycom RealPresence Group 500 <=20 has Insecure Permissions due to automatically loaded cookies....
High
Unreviewed
CVE-2025-22918 was published Feb 3, 2025
A Cross-Site Request Forgery (CSRF) in Geovision GV-ASWeb with the version 6.1.1.0 or less allows...
High
Unreviewed
CVE-2024-56903 was published Feb 3, 2025
With address book access, SMB/FTP settings could be modified, redirecting scans and possibly...
High
Unreviewed
CVE-2024-12511 was published Feb 3, 2025
The BoomBox Theme Extensions plugin for WordPress is vulnerable to Local File Inclusion in all...
High
Unreviewed
CVE-2024-12859 was published Feb 3, 2025
Memory corruption while processing IOCTL from user space to handle GPU AHB bus error.
High
Unreviewed
CVE-2024-49843 was published Feb 3, 2025
Memory corruption while parsing the memory map info in IOCTL calls.
High
Unreviewed
CVE-2024-38418 was published Feb 3, 2025
Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.
High
Unreviewed
CVE-2024-45560 was published Feb 3, 2025
ProTip! Advisories are also available from the GraphQL API.